Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/YgPYkE0HXEjCaiLon-XpjmQkLIY.roa
File: YgPYkE0HXEjCaiLon-XpjmQkLIY.roa (raw, json)
Hash identifier: uUN8zdmAkEYpVDiXSJ/lb95t+h4Ye3mIHXA/def7t6s=
Subject key identifier: 62:03:D8:90:4D:07:5C:48:C2:6A:22:E8:9F:E5:E9:8E:64:24:2C:86
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018CC56DED12B1F77455B67345FBCC83FBEC
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/YgPYkE0HXEjCaiLon-XpjmQkLIY.roa
Signing time: Mon 01 Jan 2024 14:29:24 +0000
ROA not before: Mon 01 Jan 2024 14:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59722
IP address blocks: 217.195.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:ed:12:b1:f7:74:55:b6:73:45:fb:cc:83:fb:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 14:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6203d8904d075c48c26a22e89fe5e98e64242c86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:bc:18:59:8d:a8:bf:88:9b:8e:fb:75:57:39:
ae:55:e0:24:a2:6e:eb:cd:a9:c0:07:10:9e:89:57:
05:6a:f5:b0:0f:2a:2e:c7:5c:4e:31:2d:dc:0a:92:
4b:e8:47:70:db:ec:b3:cf:6c:ab:25:14:a1:50:19:
88:69:85:71:45:dc:0d:dd:7b:23:dd:a2:9a:a7:f5:
0c:5b:7f:47:16:31:84:35:90:51:a1:1b:53:6f:06:
83:15:e3:05:72:16:69:c9:ff:9a:6d:97:2b:80:f1:
36:fe:30:78:60:50:d1:dc:67:f1:9d:99:4f:aa:a8:
5d:a8:c0:aa:15:ba:dc:89:43:cc:8c:4c:15:88:b9:
b6:d7:1d:49:9c:97:f3:20:d2:6b:d1:4f:cb:21:41:
55:f0:1b:45:62:4b:e1:c4:ce:c6:a8:c6:d7:b5:16:
1f:2b:ec:52:6b:5f:60:94:14:00:29:db:d9:81:13:
c2:53:58:03:c2:08:d8:1c:b6:d2:ef:c3:73:6d:e2:
cd:d4:bc:06:17:6c:35:e3:f9:6c:d4:11:17:1a:4c:
23:d8:4c:18:c3:d0:b2:5b:a1:cf:63:43:aa:4d:97:
cf:15:c6:02:74:f5:e4:33:90:9d:68:7b:67:31:b2:
ec:02:60:51:fc:a8:1a:7f:75:5a:a5:c5:f8:f1:2f:
57:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:03:D8:90:4D:07:5C:48:C2:6A:22:E8:9F:E5:E9:8E:64:24:2C:86
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/YgPYkE0HXEjCaiLon-XpjmQkLIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.195.76.0/24
Signature Algorithm: sha256WithRSAEncryption
03:21:40:b8:63:1a:9e:8c:9e:f8:5d:d7:0f:4c:05:15:11:2a:
68:72:5e:cc:95:21:6d:6b:1f:2e:15:63:a2:ce:70:38:41:25:
ad:e5:9d:f5:c6:12:ad:b8:47:13:f7:89:b0:43:f9:18:5e:d8:
5b:d7:53:df:b8:17:e7:c4:a4:03:7c:9d:d1:92:99:b6:89:3d:
a6:8a:fa:1a:66:cc:84:32:eb:93:f6:fd:17:6c:fb:6d:5d:43:
7f:06:b5:ba:cc:1e:96:7b:a2:81:ea:17:55:3d:9e:40:4b:fa:
d2:d3:a7:60:d2:b4:3f:70:b1:00:24:36:78:f8:30:ac:17:7f:
20:49:58:a8:04:b7:ec:a7:dc:d4:4d:7b:c2:47:92:e1:ec:4e:
16:05:92:7b:2c:c8:68:7a:b7:50:c3:fb:11:3c:b8:21:a2:91:
65:4a:ab:24:dd:73:66:cd:88:dc:58:a1:b2:d9:f9:bc:8c:39:
14:1a:85:89:ed:19:4c:be:de:9b:89:8f:2d:85:12:3d:76:34:
af:ac:ae:56:ed:2f:85:9c:77:a7:ab:e6:cb:01:4e:7a:67:63:
fe:42:09:a4:12:12:a3:8a:61:9f:67:7e:a9:ef:82:f8:06:5a:
ce:e1:6d:62:15:8d:23:d0:86:c6:ea:53:bf:61:4a:1a:f4:2e:
5e:c2:12:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbe0Ssfd0VbZzRfvMg/vsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjQwMTAxMTQyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjAzZDg5MDRkMDc1YzQ4YzI2YTIyZTg5ZmU1ZTk4ZTY0MjQyYzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybwYWY2ov4ibjvt1VzmuVeAkom7r
zanABxCeiVcFavWwDyoux1xOMS3cCpJL6Edw2+yzz2yrJRShUBmIaYVxRdwN3Xsj
3aKap/UMW39HFjGENZBRoRtTbwaDFeMFchZpyf+abZcrgPE2/jB4YFDR3GfxnZlP
qqhdqMCqFbrciUPMjEwViLm21x1JnJfzINJr0U/LIUFV8BtFYkvhxM7GqMbXtRYf
K+xSa19glBQAKdvZgRPCU1gDwgjYHLbS78NzbeLN1LwGF2w14/ls1BEXGkwj2EwY
w9CyW6HPY0OqTZfPFcYCdPXkM5CdaHtnMbLsAmBR/Kgaf3VapcX48S9XNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGID2JBNB1xIwmoi6J/l6Y5kJCyGMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvWWdQWWtFMEhYRWpDYWlMb24tWHBqbVFrTElZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2cNMMA0G
CSqGSIb3DQEBCwUAA4IBAQADIUC4YxqejJ74XdcPTAUVESpocl7MlSFtax8uFWOi
znA4QSWt5Z31xhKtuEcT94mwQ/kYXthb11PfuBfnxKQDfJ3Rkpm2iT2mivoaZsyE
MuuT9v0XbPttXUN/BrW6zB6We6KB6hdVPZ5AS/rS06dg0rQ/cLEAJDZ4+DCsF38g
SVioBLfsp9zUTXvCR5Lh7E4WBZJ7LMhoerdQw/sRPLghopFlSqsk3XNmzYjcWKGy
2fm8jDkUGoWJ7RlMvt6biY8thRI9djSvrK5W7S+FnHenq+bLAU56Z2P+QgmkEhKj
imGfZ36p74L4BlrO4W1iFY0j0IbG6lO/YUoa9C5ewhKm
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:22:24 2024 by rpki-client on console-ams.rpki-client.org